JS ONSAN-VESSEL_DETAILS(1)(1)[.]xlsx[.]lzh | Triage

Sharing

Copy URL Twitter E-mail

General

Target

JS ONSAN-VESSEL_DETAILS(1)(1).xlsx.lzh
Size

672KB
MD5

8067557ae9e080d582021a7ad426ca11
SHA1

d696f06285161f24cc2f56c4693fd0e72ef91327
SHA256

ab154953bf25d3b4bfa47032114aa3012a67d38d08c7fefe6916552120071d7f
SHA512

d88190f3667c398c5e6dc03078507b48ba7d03a23096b0cba4cd8db9cde707cd5793ef0d8949e5924d0bb565b6acf21a51dc54f01fcd1de1bbfa6d9c2b09c1e1
SSDEEP

12288:GQsNSbOlsxRazYdLUDHIg2t2gRg96t7FArDE61ie1QETNin0lVNgR:GQssfz7L4It2m8DE617FS0buR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JS ONSAN-VESSEL_DETAILS(1)(1).xlsx.scr

Files

JS ONSAN-VESSEL_DETAILS(1)(1).xlsx.lzh
.lzh
JS ONSAN-VESSEL_DETAILS(1)(1).xlsx.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 837KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ